my approach & delivery

Compliance strategies reflect the needs of the business, at all stages of growth typically these topics align with business strategies, but not always, not for everyone.

The danger is that technology models supporting them can become fragmented and non-responsive. My perspective is a unique and simple approach focused on the relevant “What, Why, When and How.##

Rapidly sorting through complicated regulatory compliance requirements and even more complicated technology architectures. Striving always to simplify technology architectures I will detect the risks then identify improvement and mitigation measures.

I can navigate through the maze of diverse international, federal and state regulations on matters of compliance and their precise relevancies within the technology theater. Sound governance coupled with the right balance of standards, policy and procedures are my guaranteed results

My opinions and acumen are disinterested and proven throughout a broad technology compliance and regulatory theater. My manner of examination insure reviews place no reliance on existing business process.

I diligently expand my technical knowledge with a leading edge mentality to continually achieve compliance, network and security certifications.

Architected and automated at the scale of the company Audit’s first Active Directory and RACF access control measurement program. For the first time Audit began independently assessing its multiple role and discretionary based access review frameworks within the business.

Assessed, deliberated and reported control effectiveness for all aspects of the master data governance, classification and quality assurance programs.

Identified regulatory technology requirements, determine methods to apply or address, then monitored oversight to assure regulators, customers and shareholders its control effectiveness is sustainable.

Architect and led onsite inspections for Bank of America’s critical suppliers within corporate audit. Provided direct oversight evaluating the effeteness of supply chain compliance with internal Global Information Security. Established than directed oversight of supplier remediation efforts. Directed the reading and redlining of contracts and service level agreements (SLA).

In partnership with Odell International built the application and technology infrastructure for the construction of the Military Medical Complex in Riyadh and UAE in Saudi Arabia.

General consulting at large performing intrusion and vulnerability assessments for companies like BASF, BMW and Stabilus.